def do_login():
if request.method == 'POST':
passwd = request.form['passwd']
if passwd:
hashed_passwd = md5(passwd).hexdigest() # md5(passwd)
hashed_passwd_from_db = Admin.getone().passwd
if hashed_passwd == hashed_passwd_from_db:
session[SESSION_KEY] = 1
flashx.success('Logged in successfully')
return redirect(url_for('admin'))
else:
flashx.error('Incorrect password')
else:
flashx.warning('Empty input')
return redirect(url_for('login'))
def update_password():
password_now = request.form['password_now']
password_new = request.form['password_new']
password_new_repeat = request.form['password_new_repeat']
if password_now and password_new and password_new_repeat:
if password_new_repeat != password_new:
flashx.warning('The two new passwords do not match')
else:
admin = Admin.getone()
hashed_passwd_now = md5(password_now).hexdigest()
if hashed_passwd_now != admin.passwd:
flashx.warning('Incorrect password')
else:
admin.passwd = md5(password_new).hexdigest()
admin.save()
flashx.success('Save password successfully, please login again')
return redirect(url_for('logout'))
else:
flashx.warning('Empty input!')
return redirect(url_for('password'))